Bink Newsflash 18

in collaboration with

Hi everybody, and welcome
new members, again it has been a while since my last newsletter, I won't bother
you with "how busy I have been with working", "I had to study
hard for my Windows 2000 certification" or "my
girlfriend needed some quality time..." so let's cut the crap and get
started!

First of
all I would like to anounce my collaboration with Neowin.net. This website was
and is a major source for my newsletters! I've been in contact with Neobond
(one of the owners of Neowin) for some time now and we decided that we
work together some more.

This
newsletter is now the newsletter for Neowin too!

MCSE 2000

Last week
I was up for the upgrade exam for NT4 to Win2k. When MS released win2k it told
all MCSE's that they would lose their certification status at the end of
2001. Unless they upgraded their certification to Win2k.Their were a lot of protests, but Microsoft had no
mercy. NT4 MCSE's could get a free voucher and do a 4in1 exam and to upgrade to
win2k.

That
sounded OK, but you only got 1 chance.... So I decided to wait as long as
possible so I would learn more on win2k in the field before doing the 4 hour
exam from hell. Last month MS announced that it would NOT take the
certification of NT4 MCSE's! Probably because if they did there would be more
Novell engineers in the world then MCSE's because not too many engineers
were doing the upgrade. Later MS announced they wouldn't retire some old
product certifications like Exchange 5.0, probably for the same reason. So now
you have NT4 MCSE's and win2k MCSE's.

Anyway I
did the exam form hell and guess what? I passed in 3 hours. It was easier then
I thought.

Killing bugs

A
lot of service pack news:

Service Pack 2

Because
SQL Server Service Packs are cumulative, SP2 includes all fixes from previously
released Service Pack 1 (SP1), and can be applied to an original installation
or to one where Service Pack 1 (SP1) was previously applied.

IE6 sp1 beta1 build 1114

Since NT4
Servicepack 5 MS releases beta versions of service packs semi publicly. Too
many times a service pack did more harm then good. Now the first beta of the
first Service Pack of IE6 is released to testers

This build
1114 includes the following fixes/enhancements:

SMIL 2.0: Expanded support for
the W3C Synchronized Multimedia Working Group's SMIL 2.0 proposed
recommendation through a new version of HTML+TIME.

Msxml3 registers itself over
msxml: In this tech beta, msxml3 will register itself over any existing
version of msxml on your machine, routing all calls into msxml to msxml3.
(Msxml3 is the first version of msxml that is completely compliant with
W3C standards and the first version of msxml to support XSL/T.)

IFRAME
security="restricted": A new property has been added to the
Frame and IFrame elements: Security="restricted". This new
property has the ability to push the Frame/IFrame into the restricted zone
so the security setting for this zone will be placed on the contents
within the frame. The key scenario here is to prevent malicious script or
ActiveX controls from running within a frame on a web-based email
application.

Custom Cursor: The user is now
able to generate their own cursor. Even animation
is possible! IE supports .cur and .ani files. The look of the existing
cursor has been changed to be standard CSS2 compliant.

"onmousewheel"
event: This event allows you to track the mousewheel movements.

Focus events: Due to historic
compatibility with Netscape, onfocus/onblur are
asynchronous and non-bubbling events. Two new events have been added:
onfocusin and onfocusout.

I haven't
seen this baby leak yet, so I can't share my experience on this one.....

As first
used for NT4: a package which includes all security fixes. A comfortable thing
for admins, normally after installing the latest SP for Windows NT you need to
donwload and install countless hotfixes so your system is secure for known
holes. Especially since MS decided to skip SP7 for NT4.
In stead they released the NT4 Security Roll Up Pack.
Now MS does it again but for Win2k. It is not here yet, but the beta program is
announced. This pack will include all security fixes since the release of win2k
SP2.

I don't
understand why they even start this program since SP3 for win2k beta program is
already in progress. Why don't use the resources from this roll-up package on
SP3 and get it out!

Anyway you
can still sign in to participate in the Beta program of the rollup. Just login,
fill in the survey and hope you get selected!

·Username:
SRPBeta

·Password:
W2KSRP

Beta build Beta 1 RC 3.51

A few
weeks ago MS released the first beta of sp3 for win2k. I installed it on my PC
at work and so far works fine.

The first
thing I noticed during install that it has a new setup wizard, now that's not
shocking, but that's what a SP does it fixes bugs and does not add features. So no new bells and whistles. I haven't had the time to
slipstream it and do a clean install.

The first
two involve how IE handles cookies across domains. Although the underlying
flaws are completely unrelated, the scope is exactly the same – in each case, a
malicious user could potentially craft a URL that would allow them to gain
unauthorized access to a user's cookies and potentially modify the values
contained in them. Because some web sites store sensitive information in a
user’s cookies, this could allow personal information to be compromised. Both
vulnerabilities could be exploited either by hosting specially crafted URL's on
a web page or by sending them to the victim in an HTML email.

The third
vulnerability is a new variant of a vulnerability discussed in Microsoft
Security Bulletin MS01-051
affecting how IE handles URLs that include dotless IP addresses. If a web site
were specified using a dotless IP format (e.g., http://031713501415 rather than
http://207.46.131.13), and the request were malformed in a particular way, IE
would not recognize that the site was an Internet site. Instead, it would treat
the site as an intranet site, and open pages on the site in the Intranet Zone
rather than the correct zone. This would allow the site to run with fewer security
restrictions than appropriate. This vulnerability does not affect IE 6.

"Windows XP
Embedded is the componentized version of the leading desktop operating system
enabling rapid development of the most reliable and full-featured connected
devices. Based on the same binaries as Windows XP Professional,
Windows XP Embedded enables embedded developers to individually select
only the rich features they need for customized, reduced-footprint embedded
devices"

I hope to
have a thin client soon with Embedded XP, then I'll
let you know more!

Messenger 4.5 for
Exchange 2000

Promised on
XP launch but just now released, new messenger for Exchange
Instant Messaging (IM) Server.

I believe
instant messaging in corporations will be as big as email is now. I played
around with Exchange IM server on our test network, it
is pretty easy to set up. I have 1 IMclient and it logs in on the Internet and
on the Exchange server. So I can simultaneously chat with internal users and
Internet users.

Windows
.NET Server Administration Tools Pack (adminpak.msi) provides server management
tools that allow administrators to remotely manage Windows 2000 Servers from Windows
XP Professional machines. This is the BETA 3 version of the adminpak.msi file -
please read KnowledgeBase article Q304718 for more information on the beta
release process of this file and known issues.

Make your Windows
Transparent! with Glass2k

The latest version
remembers each window's transparency settings, allows you to keep any window on
top, loads on Windows startup, beeps when glassify'ng a window, supports mouse
and keyboard shortcuts, and allows you to customize these shortcuts. Read the
Glass2k page for more details. Please

Note: Glass2k works only
on Windows 2000 and XP. It will NOT work on Windows 3.1, 95, 98 and ME

This will help increase your bandwidth for any
network connection in Windows XP PRO.

1. Make sure your logged on as actually
"Administrator". do not log on with any
account that just has administrator privileges. To log in as an administrator:
-click on start->logoff->logoff
-in the logon screen hold Ctrl+Alt+Del.
-in the user field type 'Administrator' <-case sensitive.
-in the password field type the password for the
administrator (if you don't have one leave blank)
-press ok

This is more of a "counter what XP does" thing. In other words, XP
seems to want to reserve 20% of the bandwidth for itself even with QoS
disabled. So why not use it to your advantage. To demonstrate the problem,
start up a big download from a server with an FTP client. Try to find a server
that doesn't max out your bandwidth. In this case you want a slow to medium
speed server to demonstrate this. Let it run for a couple of minutes to get
stable. The start up another download from the same server
with another instance of your FTP client. You will notice that the
available bandwidth is now being fought over and one of the clients download
will be very slow or both will slow down when they should both be using the
available bandwidth. Using this "tweak" both
clients will have a fair share of the bandwidth and will not fight over the
bandwidth.

For
more information on QoS: Refer to the Microsoft Knowledge base article by
clicking here.

Ok
that's it!

Steven
Bink

[bink@bink.nu] This is a posting
from the
BinkNewsFlash List. To unsubscribe, forward this message (Including these
lines) to <unsub-BinkNewsFlash@lyris.sunbelt-software.com>.

[bink@bink.nu] This is a posting from the
BinkNewsFlash List. To unsubscribe, forward this message (Including these
lines) to <unsub-BinkNewsFlash@lyris.sunbelt-software.com>.